检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
ALM-12001 Audit Log Dumping Failure Description Cluster audit logs need to be dumped on a third-party server due to the local historical data backup policy. The system starts to check the dump server at 3 a.m. every day.
How Do I Back Up the Database Audit Logs? Database audit supports manual backup and automatic backup. Audit logs are backed up to OBS. Buckets will be automatically created and will incur a separate bill. Perform the following operations to automatically back up audit logs.
Step 5: Enable Database Audit By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. You can enable audit and check audit results. For details, see Viewing the Audit Dashboard.
After you change the retention period of audit logs, expired audit logs will be deleted 1 hour later. After SQL audit is enabled, a large number of audit logs may be generated during peak hours.
Request Table 2 Parameters Parameter Mandatory Type Description ids Yes Array of strings Specifies the list of audit logs. A maximum of 50 audit log IDs are allowed in the list. Example Request Obtain the links for downloading audit logs.
The value is 0 when SQL audit is disabled. audit_types Array of strings Actual operation types recorded in audit logs. If this parameter is left blank, no operation types are filtered out. all_audit_log_action String All operation types that can be recorded in audit logs.
This section describes how to enable the database audit function and check audit results. To audit a database, export the database configurations and install the agent on the nodes of the Cloud Container Engine (CCE) clusters connected to the database.
How Long Are the Operation Logs of Database Audit Saved by Default? The operation logs of database audit are permanently saved. Parent topic: Logs
Step 2: Enable Database Audit By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. You can enable audit and check audit results. For details, see Viewing the Audit Dashboard.
How Do I Verify My Database Audit Configuration? To verify your database audit configurations after you enabled audit, perform the following steps: Enter an SQL statement (for example, show databases) in the node where the agent is installed. Log in to the management console.
Restoring Audit Logs and Configuration Data You can restore system audit logs and configuration data by uploading backup files on the System Management > Backup Restore page.
Querying Audit Logs of Killing Sessions Function Obtaining Audit Logs of Killing Sessions Constraints None URI URL format GET /v3/{project_id}/instances/{instance_id}/processes-audit-log?
Using CTS to Audit Lite Server Operations ModelArts Lite Server can interconnect with Cloud Trace Service (CTS). With CTS, you can record operations associated with ModelArts Lite Server for later query, audit, and backtrack operations.
How Do I Set Database Audit Rules for All Databases? By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. This audit rule is enabled by default.
What OSs Can I Install the Database Audit Agent On? To use database audit, you need to install its agent on the required database, application, or proxy side, and then connect to the database audit instance. The database audit agent can run on 64-bit Linux or 64-bit Windows.
The database audit instance is in the Running state. For details about how to enable database audit, see Enable Database Audit. Procedure Log in to the management console. Select a region, click , and choose Security & Compliance > Database Security Service.
Using CTS to Audit IAM Identity Center Operations Key Operations Supported by CTS Viewing CTS Traces in the Trace List
Parent topic: Configuring Audit Rules
In the Audit Settings area, set the audit items: The default audit log retention policy is space-first, which means audit logs will be automatically deleted when the size of audit logs on a single node exceeds 1 GB.
Obtaining Links for Downloading Audit Logs Description This API is used to obtain the link for downloading audit logs.
